I'm a technology, privacy, and information security reporter and most recently the author of the book This Machine Kills Secrets, a chronicle of the history and future of information leaks, from the Pentagon Papers to WikiLeaks and beyond.
I've covered the hacker beat for Forbes since 2007, with frequent detours into digital miscellanea like switches, servers, supercomputers, search, e-books, online censorship, robots, and China. My favorite stories are the ones where non-fiction resembles science fiction. My favorite sources usually have the word "research" in their titles.
Since I joined Forbes, this job has taken me from an autonomous car race in the California desert all the way to Beijing, where I wrote the first English-language cover story on the Chinese search billionaire Robin Li for Forbes Asia. Black hats, white hats, cyborgs, cyberspies, idiot savants and even CEOs are welcome to email me at agreenberg (at) forbes.com. My PGP public key can be found here.

Nicholas Allegra, better known by his hacker handle Comex. (photo by Nathaniel Welch)

Nicholas Allegra lives with his parents in Chappaqua, New York. The tall, shaggy-haired and bespectacled 19-year-old has been on leave from Brown University since last winter, looking for an internship. And in the meantime, he’s been spending his days on a hobby that periodically sends shockwaves through the computer security world: seeking out cracks in the source code of Apple’s iPhone, a device with more software restrictions than practically any computer on the market, and exploiting them to utterly obliterate its defenses against hackers.

“It feels like editing an English paper,” Allegra says simply, his voice croaking as if he just woke up, though we’re speaking at 9:30 pm. “You just go through and look for errors. I don’t know why I seem to be so effective at it.”

To the public, Allegra has been known only by the hacker handle Comex, and keeps a low profile. (He agreed to speak after Forbes’ poking around Twitter, Facebook and the Brown Directory revealed his name.) But in what’s becoming almost an annual summer tradition, the pseudonymous hacker has twice released a piece of code called JailbreakMe that allows millions of users to strip away in seconds the ultra-strict security measures Apple has placed on its iPhones and iPads, devices that account for more than half the company’s $100 billion in revenues.

The tool isn’t intended for theft or vandalism: It merely lets users install any application they want on their devices. But jailbreaking, as the practice is called, violates Apple’s obsessive control of its gadgets and demonstrates software holes that could be exploited later by less benevolent hackers.

Apple didn’t respond to requests for comment, but it’s not thrilled about Allegra’s work. When he released JailbreakMe 3 in July, the company rushed to patch the security opening in just nine days. Nonetheless, 1.4 million people used the tool to jailbreak their gadgets in that time, and more than 600,000 more since then. Allegra has become such a thorn in Apple’s side that its stores now block JailbreakMe.com on in-store wifi networks.

“I didn’t think anyone would be able to do what he’s done for years,” says Charlie Miller, a former network exploitation analyst for the National Security Agency who first hacked the iPhone in 2007. “Now it’s been done by some kid we had never even heard of. He’s totally blown me away.”

To appreciate JailbreakMe’s brilliance, consider how tightly Steve Jobs locks down his devices: Since 2008, Apple has implemented a safeguard called “code-signing” to prevent hackers from running any of their own commands on its mobile operating system. So even after an attacker finds a security bug that gives him access to the system, he can only exploit it by reusing commands that are already in Apple’s software, a process security researcher Dino Dai Zovi has compared to writing a ransom note out of magazine clippings.

After Allegra released JailbreakMe 2 last year, Apple upped its game another notch, randomizing the location of code in memory so that hackers can’t even locate commands to hijack them. That’s like requiring an attacker to assemble a note out of a random magazine he’s never read before, in the dark.


You obviously have no idea what you’re talking about. If you are worried about malware, then you should be a lot more concerned about the Android platform with its incredibly lax review process. You’re much more likely to get your information stolen from an Android device. If you’re worried about bricking your phone, yet again you’re much more likely to do that while rooting your Android device (a process that most manufacturers are embracing because it has become so popular). Anyone who has actually jailbroken their phone knows that any “damage” you do to your phone can be undone by simply connecting to your computer and pressing the “restore” button.

Sorry, but you’re very wrong. It is very difficult to “brick” the iPhone because of the built-in DFU feature. If something does happen, you can always restore it back to factory using iTunes. Jailbreakers don’t shrink in numbers but only multiply because of all the great things you can do with jailbroken iOS devices. Apple relies on the JB community. It has brought them many great ideas and ways for them to improve their OS. For instance, the PDF exploit mentioned in this article. Did you know that a programmer who created NotifyMe, an enhanced notification mod for jailbroken iOS, is now an intern at Apple? Apple needs the jailbroken community.

I have been jailbreaking iPhones for years now. Not only is it very difficult to permanently damage your phone from jailbreaking, as you can always repair and restore to stock configuration through iTunes. Besides, Apple is actually fairly lax about enforcing warranty violations for jailbreaking. You either don’t know what you’re talking about, or would rather believe this FUD because you are too afraid or inept to jailbreak your own phone.

“To the public, Allegra has been known only by the hacker handle Comex, and keeps a low profile. (He agreed to speak after Forbes’ poking around Twitter, Facebook and the Brown Directory revealed his name.)”

So you dug around until you found his name, and then you blackmailed him into an interview.

He wasn’t “pseudonymous” until you wrote this article, and now he’ll probably face a lawsuit.

I might have been conflicted about this if Nick hadn’t put his name and photo on an accessible Facebook page, facebook.com/comexk. Comex wasn’t a public figure, but he wasn’t exactly ultra-private, either. Certainly any attorney at Apple could have done what I did to find him, and probably already has.

I’ll say the highest virtue of journalism is truth, not comfort, and in that light you were certainly in the right here. I’d even agree that this could help his job search, but I’m not sure if it does any more for him than was in his power to do already – you did good as a journalist, but I think it’s a hard case that you’ve done well for Nicholas.

That said, I do apologize for questioning your integrity so harshly – it’s not something I’d have done in person.